<?php
/**
 * Created by PhpStorm.
 * User: lx
 * Date: 2020/1/6
 * Time: 18:08
 */
namespace app\http\middleware;

use app\mtadminapi\controller\Base;
use think\facade\Config;
use app\command\controller\Generate;
use think\cache\driver\Redis;
use app\util\ReturnCode;

/**
 * api鉴权及验token中间件
 * Class MtAdminRequestToken
 * @package app\http\middleware
 */
class MtAdminRequestToken {
    public function handle($request, \Closure $next) {
        if(config("apiadmin.CHECK_USER_TOKEN")){
            $token = $request->param('token'); // 传参token
            if(!$token){
                return json([
                    'code' => ReturnCode::EMPTY_PARAMS,
                    'msg'  => '请先登录',
                    'data' => []
                ]);
            }
            $redisTokenID = (new Redis)->get($token); // 用token获取redis中用户ID
            if(!$redisTokenID){
                return json([
                    'code' => ReturnCode::RECORD_NOT_FOUND,
                    'msg'  => 'token过期,请重新登录!',
                    'data' => []
                ]);
            }
            $redisToken = (new Redis)->get("userToken".$redisTokenID); //用用户id获取redis中token
            if($token != $redisToken){ //比对两个token
                return json([
                    'code' => ReturnCode::RECORD_NOT_FOUND,
                    'msg'  => 'token过期,请重新登录。',
                    'data' => []
                ]);
            }
            $adminAuth = (new Redis())->get('adminAuth.'.$redisTokenID); // 用户id读取权限
            if(!$adminAuth){
                $adminAuth = (new Base())->adminAuth($adminAuth);
                if(!$adminAuth){
                    return json([
                        'code' => ReturnCode::AUTH_ERROR,
                        'msg'  => '管理员权限不存在。',
                        'data' => []
                    ]);
                }
            }else{
                $adminAuth = json_decode($adminAuth,true);
            }
            $authPath = $request->path(); //当前访问的路径
            $checkAuth = $this->checkAuth($authPath,$adminAuth);
            if(!$checkAuth){
                return json([
                    'code' => ReturnCode::AUTH_ERROR,
                    'msg'  => '没有权限访问此模块。',
                    'data' => []
                ]);
            }
            (new Redis)->set("adminAuth.".$redisTokenID,json_encode($adminAuth,JSON_UNESCAPED_UNICODE),600); // 登录权限
            (new Redis)->set("userToken".$redisTokenID,$token,600); // token存储
            (new Redis)->set($token,$redisTokenID,600); // 登录状态
        }
        if(!$request->param("adminID")){
            $request->adminID = 1;
        }
        return $next($request);
    }
    public function checkAuth($authPath,$adminAuth){
        foreach ($adminAuth as $k => $v){
            if($authPath == $v['authPath']){
                return true;
            }else{
                if(!empty($v['child'])){
                    $this->checkAuth($authPath,$v['child']);
                }
            }

        }
        return false;
    }
}
